E-Mail Greeting Card
Results 1 to 10 of 10

Thread: E-Mail Greeting Card

  1. #1
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867

    E-Mail Greeting Card

    There is a new E-Mail greeting card making the rounds lately and getting a lot of attention.

    Symantec Security Response is aware of a widespread e-card (electronic greeting card) that appears to have the characteristics of a worm.
    Permissioned Media, runs a Web site called FriendGreetings.com, which lets one person send another person an electronic greeting card. The friendly facilitation seems simple
    and harmless, but it has a rather insidious side.

    When you receive a greeting from FriendGreetings.com, the message says
    that someone sent you the greeting and that to read it, you must click
    a URL that takes you to the Web site hosting the greeting. When you
    click the URL, you're prompted to install an ActiveX control before
    you view the greeting. As the greeting-card recipient, you would
    probably assume that you must install the ActiveX control to view the
    greeting; however, that's not the case. Instead, FriendGreetings.com
    has designed the ActiveX control, complete with an End User License
    Agreement (EULA), to interact with your mail client software and
    harvest information about your email contacts. After the ActiveX
    control obtains your private contact list information, it sends a
    similar greeting card to everyone in your contact list, probably
    unbeknownst to you!
    Just a heads-up.

    Cheers:
    DjM

  2. #2
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867

    E-Mail Greeting Card

    There is a new E-Mail greeting card making the rounds lately and getting a lot of attention.

    Symantec Security Response is aware of a widespread e-card (electronic greeting card) that appears to have the characteristics of a worm.
    Permissioned Media, runs a Web site called FriendGreetings.com, which lets one person send another person an electronic greeting card. The friendly facilitation seems simple
    and harmless, but it has a rather insidious side.

    When you receive a greeting from FriendGreetings.com, the message says
    that someone sent you the greeting and that to read it, you must click
    a URL that takes you to the Web site hosting the greeting. When you
    click the URL, you're prompted to install an ActiveX control before
    you view the greeting. As the greeting-card recipient, you would
    probably assume that you must install the ActiveX control to view the
    greeting; however, that's not the case. Instead, FriendGreetings.com
    has designed the ActiveX control, complete with an End User License
    Agreement (EULA), to interact with your mail client software and
    harvest information about your email contacts. After the ActiveX
    control obtains your private contact list information, it sends a
    similar greeting card to everyone in your contact list, probably
    unbeknownst to you!
    Just a heads-up.

    Cheers:
    DjM

  3. #3
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130

    Question

    Imagine someone recieved a card suggesting an adulterous romantic engagement. It is recieved, and then forwarded to the recipients entire address book. Wouldn't that be great.

    My solution to email viruses? First of all, I do not use Outlook or Messenger, but Eudora. Second, I do not keep an address book as part of my email program. It is a textfile. Therefore I have never been responsible for spreading an email virus.

    Is this virus legal? What legal restitution is there for this? It is still a virus, however every user who spreads it has agreed to it. I imagine FriendGreetings.com looked into this first. Who's fault is it then?
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

  4. #4
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130

    Question

    Imagine someone recieved a card suggesting an adulterous romantic engagement. It is recieved, and then forwarded to the recipients entire address book. Wouldn't that be great.

    My solution to email viruses? First of all, I do not use Outlook or Messenger, but Eudora. Second, I do not keep an address book as part of my email program. It is a textfile. Therefore I have never been responsible for spreading an email virus.

    Is this virus legal? What legal restitution is there for this? It is still a virus, however every user who spreads it has agreed to it. I imagine FriendGreetings.com looked into this first. Who's fault is it then?
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

  5. #5
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    The "End User License Agreement", seems to be the key. As soon as you click the old "I Accept" button, you just gave the company permission. Cheap trick!

    Cheers:
    DjM

  6. #6
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    The "End User License Agreement", seems to be the key. As soon as you click the old "I Accept" button, you just gave the company permission. Cheap trick!

    Cheers:
    DjM

  7. #7
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    It's not a virus but a rather PITA marketing scam. Clicking the accept on the EULA gives them permission to send a similar card to everyone in your address book.

    While there is nothing inherently wrong with this, (the moron user authorized it...... ), as a sysadmin it would piss me off if I had to watch my bandwidth be chewed up by this unadulterated and childish crap..... they are supposed to be working for god's sake!!!!!!

    Rant over......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  8. #8
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    It's not a virus but a rather PITA marketing scam. Clicking the accept on the EULA gives them permission to send a similar card to everyone in your address book.

    While there is nothing inherently wrong with this, (the moron user authorized it...... ), as a sysadmin it would piss me off if I had to watch my bandwidth be chewed up by this unadulterated and childish crap..... they are supposed to be working for god's sake!!!!!!

    Rant over......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  9. #9
    Senior Member
    Join Date
    Apr 2002
    Posts
    889
    This smacks again about the need to reform EULA's all to often they are used in ways a users may not understand for the benefit and profit of some oie in the sky dot com want to be but never will get there, and or marketing company just doing what they want to do best shove things in your face you do not want. I have a rule if I visit a site I've never been to before I never agree to any auto download. Second my root email is never in question hell everything is sent to Hotmail all 465 messages per week I delete one message to keep the account active and everyone that sends gets an email box full response...dah M$ opted me into their partners that have nothing I want.
    It is a marketing Virus plan simple forget the term like they deserve a term even.
    I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg

  10. #10
    Senior Member
    Join Date
    Apr 2002
    Posts
    889
    This smacks again about the need to reform EULA's all to often they are used in ways a users may not understand for the benefit and profit of some oie in the sky dot com want to be but never will get there, and or marketing company just doing what they want to do best shove things in your face you do not want. I have a rule if I visit a site I've never been to before I never agree to any auto download. Second my root email is never in question hell everything is sent to Hotmail all 465 messages per week I delete one message to keep the account active and everyone that sends gets an email box full response...dah M$ opted me into their partners that have nothing I want.
    It is a marketing Virus plan simple forget the term like they deserve a term even.
    I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides